Email to user no longer has password

OK, I’ve got it. I also used the WP-Mail-SMTP, latest version 0.10.1, per your advice :-). Alas, that’s the problem.. When I deactivate it, wp-members works again as expected. Sigh. Don’t get me wrong, I’m glad I can get this working again. But..?

My first inclination would be to look into whether you are using both user selected passwords and moderated registration (which is discussed in the FAQs under the heading “Passwords are not being included in Emails“). However, there are a couple of things in your email that lead me to believe that’s not the issue here (most specifically, that the reset password email does not contain the password either).

It’s odd that disabling a seemingly unrelated plugin would result in the problem going away (WP-Mail-SMTP). The password is placed into the email by shortcode – but this occurs prior to the email being sent to the wp_mail() function. So that plugin wouldn’t be touching the email until after that.

Since a generated password is basically gibberish to a non-human filtering mechanism, I suppose that it’s possible somewhere along the line that this could be stripped out. But I find that an unlikely possibility.

The first thing to do of course is verify that the password shortcode is in the email body. You can check this in the plugin’s Emails tab. The shortcode should be [password].

Verify the FAQ I referenced above. Even though I don’t think that’s it, it should be confirmed that is not the problem.

Try installing and using the WordPass plugin. This generates word-based passwords. While I don’t think it’s likely a completely random password would be stripped out of the message, it’s worth trying to find out.

(Note: 4.7 vs 4.7.1/4.7.2 is not the issue – I’ve just haven’t updated the plugin’s readme file which is where that number comes from. The primary dev process for the plugin actually occurs on bleeding edge WP, which is currently 4.8).

I did snoop around your documentation before posting :-). Thanks for pointing out potential pitfalls. I was happy to read about the more than 2 fields in login possibility, except that I don’t have that https://centralcoastweavers.org/login/
and my message says :

Your password for [blogname] has been reset

Your new password is included below. It is strongly recommended that you retain a copy for your records.

password: [password]

You may log in and change it to something more memorable here:
[user-profile]

which i’m pretty sure is correct, if only because it now works again. And neither of these things changed. Really, I was running fine since June/July. Then I updated to 4.7.1 (and a lot of plugins, but I don’t remember which) and things came to a crashing halt. 4.7.2 didn’t help. Only disactivating wp-mail-smtp has restored it.

The password reset email looked like this:

password:

and nothing there. Same thing for the registration acknowledgement, which also sent back the password previously (and thanks for that very clear explanation of why it needs to be in the registration email and not the activation one).

I just tested with the wordpass extension, no change. Although I’m really glad you pointed it out, as I’m sure it’ll be very popular with these particular users :-).

Anyway, I’m totally baffled. I agree that plugins affecting different areas shouldn’t interfere with each other. But..
Maybe there’s now a competing [password] shortcode in wp-mail-smtp??

The issue with the password not being included in the email is the configuration is described in this FAQ:

https://rocketgeek.com/plugins/wp-members/docs/faqs/#moderation